[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7540 [EFF-HTTPS Everywhere]: Breaks certain links and forms at SnapNames

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #7540 [EFF-HTTPS Everywhere]: Breaks certain links and forms at SnapNames
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 17 Dec 2012 23:56:12 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 17 Dec 2012 18:56:21 -0500
In-reply-to: <052.36b92a0248b9d774efef1e28060eacd7@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <052.36b92a0248b9d774efef1e28060eacd7@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#7540: Breaks certain links and forms at SnapNames
-------------------------------------+--------------------------------------
    Reporter:  subsection1t          |       Owner:  pde   
        Type:  defect                |      Status:  closed
    Priority:  normal                |   Milestone:        
   Component:  EFF-HTTPS Everywhere  |     Version:        
  Resolution:  fixed                 |    Keywords:        
      Parent:                        |      Points:        
Actualpoints:                        |  
-------------------------------------+--------------------------------------
Changes (by pde):

 * cc: MB, admin@â (added)
  * status:  new => closed
  * resolution:  => fixed


Comment:

 I think this is a securecookie bug.  Which is weird, because
 moniker.snapnames.com is being successfully rewritten from HTTP to HTTPS.
 This is probably evidence of a security vulernability in the snapnames
 site.

 Anyway, we're going to disable the securecookie directives in the next
 release of HTTPS Everywhere.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7540#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #7427 [EFF-HTTPS Everywhere]: Problem with the images on www.fmylife.com
Next by Author: Re: [tor-bugs] #7695 [EFF-HTTPS Everywhere]: eBay images being blocked
Previous by thread: Re: [tor-bugs] #7427 [EFF-HTTPS Everywhere]: Problem with the images on www.fmylife.com
Next by thread: Re: [tor-bugs] #7119 [EFF-HTTPS Everywhere]: Microsoft Sysinternals partially broken
Index(es):
- Author
- Thread